Abad, C., Taylor, J., Sengul, C., et al. (2003). “Log correlation for intrusion detection: a proof of concept.” 19th Annual Computer Security Applications Conference, 2003. Proceedings., 2003, pp. 255–264, doi: 10.1109/CSAC.2003.1254330.Google Scholar

Abdellahi, S., Lipford, H. R., Gates, C., and Fellows, J. (2020). “Developing a User Interface Security Assessment method.” USENIX Symposium on Usable Privacy and Security (SOUPS) 2020. August 9–11, 2020, Boston.Google Scholar

Abedin, M., Nessa, S., Khan, L., Al-Shaer, E., and Awad, M. (2010). “Analysis of firewall policy rules using traffic mining techniques.” International Journal of Internet Protocol Technology, 5(1–2), 3–22.CrossRefGoogle Scholar

Abraham, T. and Roddick, J. F. (1999). “Survey of spatio-temporal databases.” GeoInformatica, 3(1), 61–99.CrossRefGoogle Scholar

Aggarwal, C. C. (2017). “Spatial outlier detection.” Outlier Analysis. Springer International Publishing, 345–368.Google Scholar

Aggarwal, C. C. and Yu, P. S. (2001, May). “Outlier detection for high dimensional data.” ACM Sigmod Record, 30(2) 37–46.Google Scholar

Agrawal, R., Gehrke, J., Gunopulos, D., and Raghavan, P. (1998). “Automatic subspace clustering of high dimensional data for data mining applications.” Proceedings of the 1998 ACM SIGMOD International Conference on Management of Data. ACM Press, 94–105.Google Scholar

Agrawal, R. and Srikant, R. (1994). “Fast algorithms for mining association rules.” Proceedings of the 20th International Conference on Very Large Data Bases, VLDB, Bocca, J. B., Jarke, M., and Zaniolo, C. (Eds.). Morgan Kaufmann, 487–499.Google Scholar

Agarwal, S., Farid, H., Gu, Y., et al. (2019, June). “Protecting world leaders against deep fakes.” Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR) Workshops, 38–45.Google Scholar

Ahmed, M., Mahmood, A. N., and Hu, J. (2016). “A survey of network anomaly detection techniques.” Journal of Network and Computer Applications, 60, 19–31.CrossRefGoogle Scholar

Akamai. (2016). “Q4 2016 state of the internet/security report.” www.akamai.com/newsroom/press-release/akamai-releases-fourth-quarter-2016-state-of-the-internet-connectivity-report. Last accessed November 2021.Google Scholar

Akamai. (2019). “Web attacks and gaming abuse, 2019.” www.akamai.com/us/en/multimedia/documents/state-of-the-internet/soti-security-web-attacks-and-gaming-abuse-report-2019.pdf. Last accessed November 2021.Google Scholar

Akoglu, L., Tong, H., and Koutra, D. (2015). “Graph based anomaly detection and description: a survey.” Data Mining and Knowledge Discovery, 29(3), 626–688.Google Scholar

Al-Musawi, B., Branch, P., and Armitage, G. (2015, December). “Detecting BGP instability using Recurrence Quantification Analysis (RQA).” Computing and Communications Conference (IPCCC), 2015 IEEE 34th International Performance. IEEE, 1–8.Google Scholar

Al-Musawi, B., Branch, P., and Armitage, G. (2016). “BGP anomaly detection techniques: a survey.” IEEE Communications Surveys & Tutorials, 19(1) 377–396.Google Scholar

Al-Rousan, N. M. and Trajković, L. (2012, June). “Machine learning models for classification of BGP anomalies.” 2012 IEEE 13th International Conference on High Performance Switching and Routing (HPSR). IEEEV, 103–108.Google Scholar

Al Shalabi, L., Shaaban, Z., and Kasasbeh, B. (2006). “Data mining: a preprocessing engine.” Journal of Computer Science, 2(9), 735–739.Google Scholar

Aleroud, A. and Karabatis, G. (2013). “A system for cyber attack detection using contextual semantics.” 7th International Conference on Knowledge Management in Organizations: Service and Cloud Computing, Uden, L, Herrera, F, Pérez, J. B, and Corchado Rodríguez, J. M (Eds.). Springer, 431–442.Google Scholar

Aleroud, A. and Karabatis, G. (2014, September). “Detecting zero-day attacks using contextual relations.” International Conference on Knowledge Management in Organizations, L. Uden, , D. Fuenzaliza Oshee, , I. H. Ting, , and D. Liberona, (Eds.). Springer, 373–385.Google Scholar

Alperovitch, D. (2011). “Revealed: Operation Shady RAT.” www.csri.info/wp-content/uploads/2012/08/wp-operation-shady-rat1.pdf. Last accessed November 2021.Google Scholar

Alseadoon, I., Chan, T., Foo, E., and Gonzales, N. J. (2012). “Who is more susceptible to phishing emails? A Saudi Arabian study.” Proceedings of the 23rd Australasian Conference on Information Systems. ACIS, 1–11Google Scholar

Ameen, J. and Basha, R. “Mining time series for identifying unusual sub-sequences with applications.” ICICIC’06: Proceedings of the First International Conference on Innovative Computing, Information and Control. IEEE Computer Society, 574–577.Google Scholar

Aminikhanghahi, S. and Cook, D. J. (2017). A survey of methods for time series change point detection. Knowledge and Information Systems, 51(2), 339–367.Google Scholar

Anderson, L. C. and Agarwal, R. (2010, September). “Practicing safe computing: a multimethod empirical examination of home computer user security behavioral intentions.” MIS Quarterly, 34(3), 613–643.CrossRefGoogle Scholar

Ankerst, M., Breunig, M. M., Kriegel, H. P., and Sander, J. (1999, June). “OPTICS: ordering points to identify the clustering structure.” Proceedings of the 1999 ACM SIGMOD International Conference on Management of Data (SIGMOD '99). ACM, 49–60. doi: 10.1145/304182.304187.Google Scholar

Azari, A., Janeja, V. P., and Levin, S. (2017). “MILES: multiclass imbalanced learning in ensembles through selective sampling.” ACM Symposium on Applied Computing, Data Mining. ACM, 811–816. doi: 10.1145/3019612.3019667.Google Scholar

Azari, A., Namayanja, J. M., Kaur, N., Misal, V., and Shukla, S. (2020, May). “Imbalanced learning in massive phishing datasets.” 2020 IEEE 6th International Conference on Big Data Security on Cloud (BigDataSecurity), IEEE International Conference on High Performance and Smart Computing (HPSC) and IEEE International Conference on Intelligent Data and Security (IDS). IEEE, 127–132.Google Scholar

Banerjee, A., Venkatasubramanian, K. K., Mukherjee, T., and Gupta, S. K. S. (2012). “Ensuring safety, security, and sustainability of mission-critical cyber–physical systems.” Proceedings of the IEEE, 100(1), 283–299.Google Scholar

Barnes, R. (2013, August 8). “Geocoding router log data.” http://resources.infosecinstitute.com/geocoding-router-log-data/#gref. Last accessed November 2021.Google Scholar

Barnett, V. and Lewis, R. (1994). Outliers in Statistical Data. John Wiley and Sons.Google Scholar

Basawa, I. V., Billard, L., and Srinivasan, R. (1984). “Large-sample tests of homogeneity for time series models.” Biometrika, 71(1), 203–206.Google Scholar

Bellman, R. (1961). Adaptive Control Processes: A Guided Tour. Princeton University Press.Google Scholar

Ben-David, S., Borodin, A., Karp, R., Tardos, G., and Wigderson, A. (1994). “On the power of randomization in on-line algorithms.” Algorithmica, 11(1), 2–14.Google Scholar

Ben Salem, M., Hershkop, S., and Stolfo, S. J. (2008). “A survey of insider attack detection research.” Insider Attack and Cyber Security: Advances in Information Security, vol. 39, Stolfo, S. J, Bellovin, S. M, Keromytis, A. D, Hershkop, S, Smith, S. W, and Sinclair, S (Eds.). Springer, 1–19.Google Scholar

Ben Salem, M. and Stolfo, S. J. (2011). “Modeling user search behavior for masquerade detection.” Insider Attack and Cyber Security: Advances in Information Security, vol. 39, Stolfo, S. J, Bellovin, S. M, Keromytis, A. D, Hershkop, S, Smith, S. W, and Sinclair, S (Eds.). Springer. doi: 10.1007/978-0-387-77322-3_5.Google Scholar

Besag, J. and Newell, J. (1991).“The detection of clusters in rare diseases.” Journal of the Royal Statistical Society Series A, 154, 143–155.Google Scholar

Beyer, M. A. and Laney, D. (2012). The Importance of “Big Data”: A Definition. Gartner.Google Scholar

Bhuyan, M. H., Bhattacharyya, D. K., and Kalita, J. K. (2014). “Network anomaly detection: methods, systems and tools.” IEEE Communications Surveys and Tutorials, 16(1), 303–336.CrossRefGoogle Scholar

Binde, B. E., McRee, R., and O’Connor, T. (2011, May). “Assessing outbound traffic to uncover advanced persistent threat.” doi: 10.13140/RG.2.2.16401.07520.Google Scholar

Blasch, E., Kadar, I., Grewe, L. L., et al. (2017, May). “Panel summary of cyber-physical systems (CPS) and internet of things (IoT) opportunities with information fusion.” Signal Processing, Sensor/Information Fusion, and Target Recognition XXVI, vol. 10200, International Society for Optics and Photonics, 02000O.Google Scholar

Blasco, J. (2013, March 21). “New Sykipot developments.” https://cybersecurity.att.com/blogs/labs-research/new-sykipot-developments. Last accessed November 2021.Google Scholar

Brdiczka, O., Liu, J., Price, B., et al. (2012). “Proactive insider threat detection through graph learning and psychological context.” 2012 IEEE Symposium on Security and Privacy Workshops (SPW). IEEE, 142–149.Google Scholar

Breiman, L. (1996). “Bagging predictors.” Machine Learning, 24(2), 123–140.Google Scholar

Breiman, L. (2001). “Random forests.” Machine Learning, 45(1), 5–32.Google Scholar

Breunig, M. M., Kriegel, H. P., Ng, R. T., and Sander, J. (1999, September). “Optics-of: identifying local outliers.” Principles of Data Mining and Knowledge Discovery. PKDD 1999, Żytkow, J. M and Rauch, J (Eds.) Lecture Notes in Computer Science, vol. 1704. Springer. doi: 10.1007/978-3-540-48247-5_28.Google Scholar

Brigham, E. O. (2002). The Fast Fourier Transform. Prentice Hall.Google Scholar

Bright, A. (2007). “Estonia accuses Russia of ‘cyberattack’.” www.csmonitor.com/2007/0517/p99s01-duts.html. Last accessed March 2020.Google Scholar

Bronskill, J. (2012, November 9). “Govt fears Canada becoming host country for cyber-attacker.” https://winnipeg.ctvnews.ca/canada-becoming-host-country-for-cyber-attackers-government-fears-.1032064. Last accessed November 2021.Google Scholar

Burns, C. (2012, June 1). “Stuxnet virus origin confirmed: USA and Isreali governments.” www.slashgear.com/stuxnet-virus-origin-confirmed-usa-and-isreali-governments-01231244/. Last accessed November 2021.Google Scholar

Caballero, J., Grier, C., Kreibich, C., and Paxson, V. (2011, August). “Measuring pay-per-install: the commoditization of malware distribution.” Proceedings of the 20th USENIX Conference on Security (SEC'11), 13.Google Scholar

Cai, L. and Hao, C. (2011). “TouchLogger: inferring keystrokes on touch screen from smartphone motion.” HotSec, 11(2011), 9–9.Google Scholar

Caldwell, D., Gilbert, A., Gottlieb, J., et al. (2004). “The cutting EDGE of IP router configuration.” ACM SIGCOMM Computer Communication Review, 34(1), 21–26.CrossRefGoogle Scholar

Calvaresi, D., Marinoni, M., Sturm, A., Schumacher, M., and Buttazzo, G. (2017, August). “The challenge of real-time multi-agent systems for enabling IoT and CPS.” Proceedings of the International Conference on Web Intelligence. ACM, 356–364.Google Scholar

Cao, L., Yang, D., Wang, Q., Yu, Y., Wang, J., and Rundensteiner, E. A. (2014, March). “Scalable distance-based outlier detection over high-volume data streams.” 2014 IEEE 30th International Conference on Data Engineering (ICDE) . IEEE, 76–87.CrossRefGoogle Scholar

Carvalho, M., DeMott, J., Ford, R., and Wheeler, D. A. (2014). “Heartbleed 101.” IEEE Security & Privacy, 12(4), 63–67.Google Scholar

Chandola, V., Banerjee, A., and Kumar, V. (2009). “Anomaly detection: a survey.” ACM Computing Surveys (CSUR), 41(3), 15.Google Scholar

Chandrashekar, G. and Sahin, F. (2014). “A survey on feature selection methods.” Computers & Electrical Engineering, 40(1), 16–28.Google Scholar

Chapman, P., Clinton, J., Kerber, R., et al. (2000). CRISP-DM 1.0, Step-by-Step Data Mining Guide. CRISP-DM Consortium; SPSS: Chicago, IL, USA.Google Scholar

Check Point. (2020). “Threat map.” https://threatmap.checkpoint.com/. Last accessed March 2020.Google Scholar

Chen, M., Mao, S., and Liu, Y. (2014). “Big data: a survey.” Mobile Networks and Applications 19(2), 171–209.Google Scholar

Chen, S. and Janeja, V. P. (2014). “Human perspective to anomaly detection for cybersecurity.” Journal of Intelligent Information Systems, 42(1), 133–153.Google Scholar

Cheok, R. (2014). “Wire shark: a guide to color my packets detecting network reconnaissance to host exploitation.” GIAC Certification Paper. SANS Institute Reading Room.Google Scholar

Cheswick, B. (1992, January). “An evening with Berferd in which a cracker is lured, endured, and studied.” Proceedings of the Winter USENIX Conference, San Francisco, 20–24.Google Scholar

Chi, M. (2014). “Cyberspace: America’s new battleground.” www.sans.org/reading-room/whitepapers/warfare/cyberspace-americas-battleground-35612. Last accessed November 2021.Google Scholar

Chien, E. and O’Gorman, G. (2011). “The nitro attacks, stealing secrets from the chemical industry.” Symantec Security Response (2011), 1–8.Google Scholar

CIA. (2021). “World Factbook.” Last accessed November 2021.Google Scholar

Cleary, J. G. and Trigg, L. E. (1995). “K*: an instance-based learner using an entropic distance measure.” Machine Learning Proceedings 1995, Prieditis, A and Russell, S (Eds.). Morgan Kaufmann, 108–114.CrossRefGoogle Scholar

Cloud Security Alliance. (2014). Big data taxonomy. https://downloads.cloudsecurityalliance.org/initiatives/bdwg/Big_Data_Taxonomy.pdf. Last accessed April 13, 2017.Google Scholar

Cohen, E., Datar, M., Fujiwara, S., et al. (2001). “Finding interesting associations without support pruning.” IEEE Transactions on Knowledge and Data Engineering, 13(1), 64–78.CrossRefGoogle Scholar

Cohen, W. W. (1995, July). “Fast effective rule induction.” Proceedings of the Twelfth International Conference on Machine Learning. Morgan Kaufmann, 115–123.Google Scholar

Cooper, G. F. and Herskovits, E. (1992). “A Bayesian method for the induction of probabilistic networks from data.” Machine Learning, 9, 309–347.Google Scholar

Cortes, C. and Vapnik, V. (1995). “Support-vector networks.” Machine Learning, 20(3), 273–297.CrossRefGoogle Scholar

Cover, T. and Hart, P. (1967). “Nearest neighbor pattern classification.” IEEE Transactions on Information Theory, 13(1), 21–27.Google Scholar

Dark Reading. (2011). “PNNL attack: 7 lessons: surviving a zero-day attack.” www.darkreading.com/attacks-and-breaches/7-lessons-surviving-a-zero-day-attack/d/d-id/1100226. Last accessed March 2020.Google Scholar

Darwish, A. and Bataineh, E. (2012, December 18–20). “Eye tracking analysis of browser security indicators.” 2012 International Conference on Computer Systems and Industrial Informatics (ICCSII), 1, 6. doi: 10.1109/ICCSII.2012.6454330. Last accessed November 2021.Google Scholar

Das, A., Ng, W.-K., and Woon, Y.-K. 2001. “Rapid association rule mining.” Proceedings of the Tenth International Conference on Information and Knowledge Management. ACM Press, 474–481.Google Scholar

Das, S., Kim, A., Jelen, B., Huber, L., and Camp, L. J. (2020). “Non-inclusive online security: older adults’ experience with two-factor authentication.” Proceedings of the 54th Hawaii International Conference on System Sciences, 6472.Google Scholar

Dash, M. and Liu, H. (1997). “Feature selection for classification.” Intelligent Data Analysis, 1(1–4), 131–156.Google Scholar

Davies, C. “Flame cyber-espionage discovered in vast infection net.” (2012, May 28). www.slashgear.com/flame-cyber-espionage-discovered-in-vast-infection-net-28230470/. Last accessed November 2021.Google Scholar

Davinson, N. and Sillence, E. (2010). “It won’t happen to me: Promoting secure behaviour among internet users.” Computers in Human Behavior, 26(6), 1739–1747.Google Scholar

Davinson, N. and Sillence, E. (2014). “Using the health belief model to explore users’ perceptions of ‘being safe and secure’ in the world of technology mediated financial transactions.” International Journal of Human–Computer Studies, 72(2), 154–168.Google Scholar

Dempster, A. P., Laird, N. M., and Rubin, D. B. (1977). “Maximum likelihood from incomplete data via the EM algorithm.” Journal of the Royal Statistical Society. Series B (Methodological), 39(1), 1–22.Google Scholar

Deokar, B. and Hazarnis, A. (2012). “Intrusion detection system using log files and reinforcement learning.” International Journal of Computer Applications 45(19), 28–35.Google Scholar

Dey, S., Janeja, V. P., and Gangopadhyay, A. (2009). “Temporal neighborhood discovery through unequal depth binning.” IEEE International Conference on Data Mining (ICDM’09), 110–119.Google Scholar

Dey, S., Janeja, V. P., and Gangopadhyay, A. (2014). “Discovery of temporal neighborhoods through discretization methods.” Intelligent Data Analysis, 18(4), 609–636.Google Scholar

Ding, Y., Yan, E., Frazho, A., and Caverlee, J. (2009, November). “Pagerank for ranking authors in co-citation networks.” Journal of the American Society for Information Science and Technology, 60(11), 2229–2243.Google Scholar

Domo. (2017). “Data never sleeps.” www.domo.com/learn/data-never-sleeps-5?aid=ogsm072517_1&sf100871281=1. Last accessed November 2021.Google Scholar

Drinkwater, D. (2016). “Does a data breach really affect your firm’s reputation?” www.csoonline.com/article/3019283/data-breach/does-a-data-breach-really-affect-your-firm-s-reputation.html. Last accessed June 2017.Google Scholar

Duchene, F., Garbayl, C., and Rialle, V. (2004). “Mining heterogeneous multivariate time-series for learning meaningful patterns: application to home health telecare.” arXiv preprint cs/0412003.Google Scholar

Duczmal, L. and Renato, A. (2004). “A simulated annealing strategy for the detection of arbitrarily shaped spatial clusters.” Computational Statistics and Data Analysis, 45(2), 269–286.Google Scholar

Eberle, W., Graves, J., and Holder, L. (2010). “Insider threat detection using a graph-based approach.” Journal of Applied Security Research, 6(1), 32–81.Google Scholar

ENISA (European Union Agency for Network And Information Security). (2016, Jan). “Threat Taxonomy: a tool for structuring threat information.” https://library.cyentia.com/report/report_001462.html. Last accessed November 2021.Google Scholar

Ester, M., Frommelt, A., Kriegel, H.-P., and Sander, J. (1998). “Algorithms for characterization and trend detection in spatial databases.” Proceedings of the Fourth International Conference on Knowledge Discovery and Data Mining (KDD'98), 44–50.Google Scholar

Ester, M., Kriegel, H., and Sander, J. (1997). “Spatial data mining: a database approach.” The 5th International Symposium on Advances in Spatial Databases, Springer-Verlag, 47–66.Google Scholar

Ester, M., Kriegel, H. P., Sander, J., and Xu, X. (1996, August). “A density-based algorithm for discovering clusters in large spatial databases with noise.” KDD, 96(34), 226–231.Google Scholar

Estevez-Tapiador, J. M., Garcia-Teodoro, P., and Diaz-Verdejo, J. E. (2004). “Anomaly detection methods in wired networks: a survey and taxonomy.” Computer Communications, 27(16), 1569–1584.Google Scholar

Fabrikant, A., Koutsoupias, E., and Papadimitriou, C. H. (2002). “Heuristically optimized trade-offs: a new paradigm for power laws in the Internet.” International Colloquium on Automata, Languages and Programming. Springer, 110–122.Google Scholar

Faloutsos, M., Faloutsos, P., and Faloutsos, C. (1999). “On power-law relationships of the internet topology.” The Structure and Dynamics of Networks, Newman, M, Barabási, A.-L, and Watts, D. J. (Eds.). Princeton University Press, 195–206.Google Scholar

Famili, A., Shen, W. M., Weber, R., and Simoudis, E. (1997). “Data preprocessing and intelligent data analysis.” Intelligent Data Analysis, 1(1–4), 3–23.Google Scholar

Fayyad, U., Piatetsky-Shapiro, G., and Smyth, P. (1996). “From data mining to knowledge discovery in databases.” AI Magazine 17(3), 37.Google Scholar

Feily, M., Shahrestani, A., and Ramadass, S. (2009, June). “A survey of botnet and botnet detection.” Third International Conference on Emerging Security Information, Systems and Technologies, 2009. SECURWARE’09. IEEE, 268–273.Google Scholar

Ferebee, D., Dasgupta, D., and Wu, Q. (2012, December). “A cyber-security storm map.” 2012 International Conference on Cyber Security (CyberSecurity). IEEE, 93–102.Google Scholar

FireEye. (2019). “Mandiant Purple Team Assessment data sheet.” www.fireeye.com/content/dam/fireeye-www/services/pdfs/pf/ms/ds-purple-team-assessment.pdf. Last accessed November 2021.Google Scholar

Fischer, P., Lea, S. E., and Evans, K. M. (2013). “Why do individuals respond to fraudulent scam communications and lose money? The psychological determinants of scam compliance.” Journal of Applied Social Psychology, 43(10), 2060–2072.Google Scholar

Fodor, I. K. (2002). “A survey of dimension reduction techniques.” Center for Applied Scientific Computing, Lawrence Livermore National Laboratory 9, 1–18.Google Scholar

Frank, E., and Witten, H. I. (1998). “Generating accurate rule sets without global optimization.” Proceedings of the 15th International Conference on Machine Learning (ICML’98), Madison, Wisconsin, Frank, E and Witten, I. H. (Eds.). Morgan Kaufmann, 144–151.Google Scholar

Frank, L., Greitzer, R., and Hohimer, E. (2011, Summer). “Modeling human behavior to anticipate insider attacks.” Journal of Strategic Security: Strategic Security in Cyber Age, 4(2), 25–48.Google Scholar

Freeman, L. C. (1978). “Centrality in social networks conceptual clarification.” Social Networks, 1(3), 215–239.Google Scholar

Frei, S., May, M., Fiedler, U., and Plattner, B. (2006, September). “Large-scale vulnerability analysis.” Proceedings of the 2006 SIGCOMM Workshop on Large-Scale Attack Defense. ACM, 131–138.Google Scholar

Freund, Y. and Schapire, R. E. (1996). “Experiments with a new boosting algorithm.” Proceedings of the 13th International Conference on Machine Learning. Morgan Kaufmann, 148–146.Google Scholar

Gandhi, R., Sharma, A., Mahoney, W., et al. (2011). “Dimensions of cyber-attacks: cultural, social, economic, and political.” IEEE Technology and Society Magazine, 30(1), 28–38.Google Scholar

Garcia, S., Luengo, J., Sáez, J. A., Lopez, V., and Herrera, F. (2013). “A survey of discretization techniques: taxonomy and empirical analysis in supervised learning.” IEEE Transactions on Knowledge and Data Engineering, 25(4), 734–750.Google Scholar

Garcia-Teodoro, P., Diaz-Verdejo, J., Maciá-Fernández, G., and Vázquez, E. (2009). “Anomaly-based network intrusion detection: techniques, systems and challenges.” Computers and Security, 28(1), 18–28.Google Scholar

Garg, A., Upadhyaya, S., and Kwiat, K. (2013). “A user behavior monitoring and profiling scheme for masquerade detection.” Handbook of Statistics: Machine Learning: Theory and Applications, 31, 353.Google Scholar

Geenens, P. (2020). “FireEye hack turns into a global supply chain attack.” https://securityboulevard.com/2020/12/fireeye-hack-turns-into-a-global-supply-chain-attack/. Last accessed November 2021.Google Scholar

Gennari, J. H., Langley, P., and Fisher, D. (1989). “Models of incremental concept formation.” Artificial Intelligence, 40(1–3), 11–61.Google Scholar

Gesenhues, A. (2014). “Google Dorking: it’s all fun & games until the hackers show up.” http://searchengineland.com/google-dorking-fun-games-hackers-show-202191. Last accessed November 2021.Google Scholar

Glaz, J., Naus, J., and Wallenstein, S. (2001). Scan Statistics. Springer Verlag.Google Scholar

Goldberg, L. R. (1990). “An alternative ‘description of personality’: the big-five factor structure.” Journal of Personality and Social Psychology, 59(6), 1216.Google Scholar

Golnabi, K., Min, R. K,. Khan, L., and Al-Shaer, E. (2006). “Analysis of firewall policy rules using data mining techniques.” 2006 IEEE/IFIP Network Operations and Management Symposium, NOMS 2006. IEEE/IFIP, 205–315.Google Scholar

Goodfellow, I. (2016). “NIPS 2016 tutorial: generative adversarial networks.” arXiv:1701.00160.Google Scholar

Goodfellow, I., Pouget-Abadie, J., Mirza, M., et al. (2014). “Generative adversarial nets.” Proceedings of the 27th International Conference on Neural Information Processing Systems – Volume 2 (NIPS'14). MIT Press, 2672–2680.Google Scholar

Gopalani, S. and Arora, R. (2015). “Comparing Apache Spark and Map Reduce with performance analysis using K-means.” International Journal of Computer Applications, 113(1), 8–11.Google Scholar

Gormley, T., Reingold, N., Torng, E., and Westbrook, J. (2000). “Generating adversaries for request-answer games.” Proceedings of the 11th ACM-SIAM Symposium on Discrete Algorithms. ACM-SIAM, 564–565.Google Scholar

Grazioli, S. (2004). “Where did they go wrong? An analysis of the failure of knowledgeable internet consumers to detect deception over the internet.” Group Decision and Negotiation, 13(2), 149–172.Google Scholar

Griffith, D. A. (1987). Spatial Autocorrelation: A Primer. Association of American Geographers.Google Scholar

Grover, A., Gholap, J Janeja, V. P, et al. (2015). “SQL-like big data environments: case study in clinical trial analytics.” Proceedings of 2015 IEEE International Conference on Big Data, 2680–2689.Google Scholar

Gu, G., Zhang, J., and Lee, W. (2008, February). “BotSniffer: detecting botnet command and control channels in network traffic.” Proceedings of the 15th Annual Network and Distributed System Security Symposium, vol. 8, 1–18.Google Scholar

Guardian, The. (2016). “Norway, the country where you can see everyone’s tax returns.” www.theguardian.com/money/blog/2016/apr/11/when-it-comes-to-tax-transparency-norway-leads-the-field. Last accessed November 2021.Google Scholar

Guha, S., Rastogi, R., and Shim, K. (1998, June). “CURE: an efficient clustering algorithm for large databases.” ACM Sigmod Record, 27(2), 73–84.Google Scholar

Guha, S., Rastogi, R., and Shim, K. (2000). “ROCK: a robust clustering algorithm for categorical attributes.” Information Systems, 25(5), 345–366.Google Scholar

Gupta, H., Sural, S., Atluri, V., and Vaidya, J. (2016). “Deciphering text from touchscreen key taps.” IFIP Annual Conference on Data and Applications Security and Privacy. Springer International Publishing, 3–18.Google Scholar

Guralnik, V. and Srivastava, J. (1999). “Event detection from time series data.” KDD’99: Proceedings of the Fifth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM, 33–42.Google Scholar

Haining, R. (2003). Spatial Data Analysis: Theory and Practice. Cambridge University Press.Google Scholar

Halevi, T., Lewis, J., and Memon, N. (2013, May). “A pilot study of cyber security and privacy related behavior and personality traits.” Proceedings of the 22nd International Conference on World Wide Web Companion. International World Wide Web Conferences Steering Committee, 737–744.Google Scholar

Halliday, J. (2010, September 24). “Stuxnet worm is the ‘work of a national government agency’.” www.guardian.co.uk/technology/2010/sep/24/stuxnet-worm-national-agency. Last accessed November 2021.Google Scholar

Han, J., and Fu, Y. (1995, September). “Discovery of multiple-level association rules from large databases.” VLDB’95, Proceedings of 21th International Conference on Very Large Data Bases, Dayal, U, Gray, P, and Nishio, S (Eds.). Morgan Kaufmann, 420–431.Google Scholar

Han, J., Pei, J., and Yin, Y. (2000, May). “Mining frequent patterns without candidate generation.” ACM Sigmod Record, 29(2), 1–12.Google Scholar

Hellerstein, J. L., Ma, S., and Perng, C.-S. (2002). “Discovering actionable patterns in event data.” IBM Systems Journal,  41(3), 475–493.Google Scholar

Heron, S. (2007). “The rise and rise of the keyloggers.” Network Security 2007(6), 4–6.Google Scholar

Hinneburg, A., and Keim, D. A. (1998, August). “An efficient approach to clustering in large multimedia databases with noise.” KDD, 98, 58–65.Google Scholar

Hoffman, S. (2011). “Cyber attack forces internet shut down for DOE lab, on July 8.” www.crn.com/news/security/231001261/cyber-attack-forces-internet-shut-down-for-doe-lab.htm. Last accessed February 23, 2014.Google Scholar

Hong, J., Liu, C. C., and Govindarasu, M. (2014). “Integrated anomaly detection for cyber security of the substations.” IEEE Transactions on Smart Grid, 5(4), 1643–1653.Google Scholar

Hu, M. and Liu, B. (2004, August). “Mining and summarizing customer reviews.” Proceedings of the Tenth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM, 168–177.Google Scholar

Hu, Z., Baynard, C. W., Hu, H., and Fazio, M. (2015, June). “GIS mapping and spatial analysis of cybersecurity attacks on a Florida university.” 2015 23rd International Conference on Geoinformatics. IEEE, 1–5.Google Scholar

Hu, Z., Wang, H., Zhu, J., et al. (2014). “Discovery of rare sequential topic patterns in document stream.” Proceedings of the 2014 SIAM International Conference on Data Mining, 533–541.Google Scholar

Huang, Y., Pei, J., and Xiong, H. (2006). “Mining co-location patterns with rare events from spatial data sets.” GeoInformatica, 10(3), 239–260.Google Scholar

Hussain, M., Al-Haiqi, A., Zaidan, A. A., Zaidan, B. B., Kiah, M. M., Anuar, N. B., and Abdulnabi, M. (2016). “The rise of keyloggers on smartphones: A survey and insight into motion-based tap inference attacks.” Pervasive and Mobile Computing, 25, 1–25.Google Scholar

Ingols, K., Lippmann, R., & Piwowarski, K. (2006, December). “Practical attack graph generation for network defense.” Computer Security Applications Conference, 2006. ACSAC’06. 22nd Annual. IEEE, 121–130.Google Scholar

Iyengar, V. S. (2004). “On detecting space-time clusters.” KDD’04: Proceedings of the Tenth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press, 587–592.Google Scholar

Jain, A. K. (2010). “Data clustering: 50 years beyond K-means.” Pattern Recognition Letters, 31(8), 651–666.Google Scholar

Jakobsson, M. (2007). “The human factor in phishing.” Privacy & Security of Consumer Information, 7(1), 1–19.Google Scholar

Janeja, V. P. (2019). Do No Harm: An Ethical Data Life Cycle, Sci on the Fly. AAAS.Google Scholar

Janeja, V. P., Adam, N. R., Atluri, V., and Vaidya, J. (2010). “Spatial neighborhood based anomaly detection in sensor datasets.” Data Mining and Knowledge Discovery, 20(2), 221–258.Google Scholar

Janeja, V. P. and Atluri, V. (2005). “LS3: A linear semantic scan statistic technique for detecting anomalous windows. Proceedings of the 2005 ACM Symposium on Applied Computing, 493–497.Google Scholar

Janeja, V. P. and Atluri, V. (2005). “FS3: A random walk based free-form spatial scan statistic for anomalous window detection.” Fifth IEEE International Conference on Data Mining (ICDM’05). IEEE Computer Society, 661–664.Google Scholar

Janeja, V. P, and Atluri, V. (2008). “Random walks to identify anomalous free-form spatial scan windows.” IEEE Transactions on Knowledge and Data Engineering, 20(10), 1378–1392.Google Scholar

Janeja, V. P. and Atluri, V. (2009). “Spatial outlier detection in heterogeneous neighborhoods.” Intelligent Data Analysis, 13(1), 85–107.Google Scholar

Janeja, V. P., Azari, A., Namayanja, J. M., and Heilig, B. (2014, October). “B-dids: Mining anomalies in a Big-distributed Intrusion Detection System.” In 2014 IEEE International Conference on Big Data (Big Data) (pp. 32–34). IEEE.Google Scholar

Jarvis, R. A. and Patrick, E. A. (1973). “Clustering using a similarity measure based on shared near neighbors.” IEEE Transactions on Computers, 100(11), 1025–1034.Google Scholar

Jha, S., Sheyner, O., and Wing, J. (2002). “Two formal analyses of attack graphs.” Computer Security Foundations Workshop, 2002. Proceedings. 15th IEEE. IEEE, 49–63.Google Scholar

Ji, Y., Zhang, X., Ji, S., Luo, X., and Wang, T. (2018, October). “Model-reuse attacks on deep learning systems.” Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. ACM, 349–363.Google Scholar

Joachims, T. (2002, July). “Optimizing search engines using clickthrough data.” Proceedings of the Eighth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM, 133–142.Google Scholar

John, O. P. and Srivastava, S. (1999). “The big-five trait taxonomy: history, measurement, and theoretical perspectives.” Handbook of Personality: Theory and Research, vol. 2., Pervin, L. A. and John, O. P. (Eds.). Guilford Press, 102–138.Google Scholar

Kang, I., Kim, T., and Li, K. (1997). “A spatial data mining method by Delaunay triangulation.” Proceedings of the 5th ACM International Workshop on Advances in Geographic Information Systems. ACM, 35–39.Google Scholar

Kang, U., Tsourakakis, C., Appel, A., Faloutsos, C., and Leskovec, J. (2010). “Radius plots for mining tera-byte scale graphs: algorithms, patterns, and observations.” Proceedings of the 2010 SIAM International Conference on Data Mining (SDM), 548–558.Google Scholar

Kang, U., Tsourakakis, C., and Faloutsos, C. (2009). “Pegasus: a peta-scale graph mining system – implementation and observations.” 2009 Ninth IEEE International Conference on Data Mining, 229–238.Google Scholar

Karypis, G., Han, E. H., and Kumar, V. (1999). “Chameleon: hierarchical clustering using dynamic modeling.” Computer, 32(8), 68–75.Google Scholar

Kaspersky. (2020). “Cyberthreat real-time map.” https://cybermap.kaspersky.com/. Last accessed November 2020.Google Scholar

Kath, O., Schreiner, R., and Favaro, J. (2009, September). “Safety, security, and software reuse: a model-based approach.” Proceedings of the Fourth International Workshop in Software Reuse and Safety. www.researchgate.net/publication/228709911_Safety_Security_and_Software_Reuse_A_Model-Based_Approach. Last accessed November 2021.Google Scholar

Kato, K. and Klyuev, V. (2017, August). “Development of a network intrusion detection system using Apache Hadoop and Spark.” 2017 IEEE Conference on Dependable and Secure Computing. IEEE, 416–423.Google Scholar

Katsini, C., Abdrabou, Y., Raptis, G. E., Khamis, M., and Alt, F. (2020, April). “The role of eye gaze in security and privacy applications: survey and future HCI research directions.” Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems, 1–21.CrossRefGoogle Scholar

Kaufman, L. and Rousseeuw, P. (1987). Clustering by Means of Medoids. North-Holland.Google Scholar

Kaufman, L. and Rousseeuw, P. J. (1990). Finding Groups in Data: An Introduction to Cluster Analysis. John Wiley & Sons.Google Scholar

Keim, D. A., Mansmann, F., Panse, C., Schneidewind, J., and Sips, M. (2005). “Mail explorer – spatial and temporal exploration of electronic mail.” Proceedings of the Seventh Joint Eurographics/IEEE VGTC Conference on Visualization, 247–254.Google Scholar

Keim, D. A., Mansmann, F., and Schreck, T. (2005). “Analyzing electronic mail using temporal, spatial, and content-based visualization techniques.” Informatik 2005–Informatik Live!, vol. 67, 434–438.Google Scholar

Keogh, E., Lin, J., and Fu, A. (2005). “Hot sax: efficiently finding the most unusual time series subsequence.” Fifth IEEE International Conference on Data Mining (ICDM'05), doi: 10.1109/ICDM.2005.79.Google Scholar

Kianmehr, K. and Koochakzadeh, N. (2012). “Learning from socio-economic characteristics of IP geo-locations for cybercrime prediction.” International Journal of Business Intelligence and Data Mining, 7(1/2), 21–39Google Scholar

Kim, S., Edmonds, W., and Nwanze, N. 2014. “On GPU accelerated tuning for a payload anomaly-based network intrusion detection scheme.” Proceedings of the 9th Annual Cyber and Information Security Research Conference (CISR ‘14). ACM, 1–4. doi: 10.1145/2602087.2602093.Google Scholar

Kim Zetter Security. (2013). “Someone’s been siphoning data through a huge security hole in the internet.” www.wired.com/2013/12/bgp-hijacking-belarus-iceland/. Last accessed December 2016.Google Scholar

Knorr, E. M., Ng, R. T., and Tucakov, V. (2000). “Distance-based outliers: algorithms and applications.” VLDB Journal – The International Journal on Very Large Data Bases, 8(3–4), 237–253.Google Scholar

Koh, Y. S. and Ravana, S. D. (2016). “Unsupervised rare pattern mining: a survey.” ACM Transactions on Knowledge Discovery from Data (TKDD), 10(4), 45.Google Scholar

Koh, Y. S. and Rountree, N. (2005). “Finding sporadic rules using apriori-inverse.” PAKDD (Lecture Notes in Computer Science), vol. 3518. Ho, T. B., Cheung, D., and Liu, H. (Eds.). Springer, 97–106.Google Scholar

Koike, H. and Ohno, K. (2004). “SnortView: visualization system of snort logs.” Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security (VizSEC/DMSEC '04). ACM, 143–147. doi: 10.1145/1029208.1029232.Google Scholar

Kosner, A. W. (2012). “Cyber security fails as 3.6 million social security numbers breached in South Carolina.” www.forbes.com/sites/anthonykosner/2012/10/27/cyber-security-fails-as-3-6-million-social-security-numbers-breached-in-south-carolina/?sh=5f3637784e9e. Last accessed March 2021.Google Scholar

Kotsiantis, S. and Pintelas, P. (2004). “Recent advances in clustering: a brief survey.” WSEAS Transactions on Information Science and Applications, 1(1), 73–81.Google Scholar

Kotsiantis, S. B., Zaharakis, I. D., and Pintelas, P. E. (2006). “Machine learning: a review of classification and combining techniques.” Artificial Intelligence Review, 26(3), 159–190.Google Scholar

Kulldorff, M. (1997). “A spatial scan statistic.” Communications of Statistics – Theory Meth., 26(6), 1481–1496.Google Scholar

Kulldorff, M., Athas, W., Feuer, E., Miller, B., and Key, C. (1998). “Evaluating cluster alarms: a space-time scan statistic and brain cancer in Los Alamos.” American Journal of Public Health, 88(9), 1377–1380.Google Scholar

Kurgan, L. A. and Musilek, P. (2006, March). “A survey of knowledge discovery and data mining process models.” Knowledge Engineering Review, 21(1) 1–24. doi: 10.1017/S0269888906000737.Google Scholar

L24. (2016). “First national cyber security exercise Cyber Shield.” http://l24.lt/en/society/item/150489-first-national-cyber-security-exercise-cyber-shield-2016-will-be-held. Last accessed April 12, 2017.Google Scholar

LeCun, Y., Bengio, Y., and Hinton, G. (2015). “Deep learning.” Nature, 521(7553), 436.Google Scholar

Lee, G., Yun, U., Ryang, H., and Kim, D. (2015). “Multiple minimum support-based rare graph pattern mining considering symmetry feature-based growth technique and the differing importance of graph elements.” Symmetry, 7(3), 1151.Google Scholar

Leskovec, J. (2008). “Dynamics of large networks.” Dissertation. ProQuest Dissertations Publishing.Google Scholar

Leskovec, J., Chakrabarti, D., Kleinberg, J., and Faloutsos, C. (2005). “Realistic, mathematically tractable graph generation and evolution, using Kronecker multiplication.” European Conference on Principles and Practice of Knowledge Discovery in Databases: PKDD 2005, Jorge, A. M, Torgo, L, Brazdil, P, Camacho, R, and Gama, J (Eds.). Lecture Notes in Computer Science, vol. 3721. Springer. doi: 10.1007/11564126_17.Google Scholar

Leskovec, J. and Faloutsos, C. (2007). “Scalable modeling of real graphs using kronecker multiplication.” International Conference on Machine Learning (ICML ‘07). ACM, 497–504. doi: 10.1145/1273496.1273559.Google Scholar

Leskovec, J., Kleinberg, J., and Faloutsos, C. (2005, August). “Graphs over time: densification laws, shrinking diameters and possible explanations.” Proceedings of the Eleventh ACM SIGKDD International Conference on Knowledge Discovery in Data Mining. ACM, 177–187.Google Scholar

Leskovec, J., Kleinberg, J., and Faloutsos, C. (2007). “Graph evolution: densification and shrinking diameters.” ACM Transactions on Knowledge Discovery from Data (TKDD), 1, 2-es. doi: 10.1145/1217299.1217301.Google Scholar

Lewis, D. M. and Janeja, V. P. (2011). “An empirical evaluation of similarity coefficients for binary valued data.” International Journal of Data Warehousing and Mining (IJDWM), 7(2), 44–66. doi: 10.4018/jdwm.2011040103.CrossRefGoogle Scholar

Lewis, J. A. (2005). “Computer espionage, Titan Rain and China.” http://csis.org/files/media/csis/pubs/051214_china_titan_rain.pdf. Last accessed March 2020.Google Scholar

Leyden, J. (2012, March 29). “NSA’s top spook blames China for RSA hack.” www.theregister.co.uk/2012/03/29/nsa_blames_china_rsa_hack/. Last accessed November 2021.Google Scholar

Li, J., Dou, D., Wu, Z., Kim, S., and Agarwal, V. (2005). “An Internet routing forensics framework for discovering rules of abnormal BGP events.” ACM SIGCOMM Computer Communication Review, 35(5), 55–66.Google Scholar

Li, X., Wang, L., & Sung, E. (2008). AdaBoost with SVM-based component classifiers. Engineering Applications of Artificial Intelligence, 21(5), 785–795.Google Scholar

Lin, J., Keogh, E., Lonardi, S., and Chiu, B. (2003). “A symbolic representation of time series, with implications for streaming algorithms.” DMKD’03: Proceedings of the 8th ACM SIGMOD Workshop on Research Issues in Data Mining and Knowledge Discovery. ACM, 2–11.Google Scholar

Lin, Q., Adepu, S., Verwer, S., and Mathur, A. (2018, May). “TABOR: a graphical model-based approach for anomaly detection in industrial control systems.” Proceedings of the 2018 on Asia Conference on Computer and Communications Security (ASIACCS). ACM, 525–536. doi: 10.1145/3196494.3196546.Google Scholar

Liu, B., Hsu, W., and Ma, Y. (1999a). “Mining association rules with multiple minimum supports.” Proceedings of the 5th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM, 337–341.Google Scholar

Liu, H., Hussain, F., Tan, C. L., and Dash, M. (2002). “Discretization: an enabling technique.” Data Mining and Knowledge Discovery, 6(4), 393–423.Google Scholar

Liu, Z., Wang, C., and Chen, S. (2008). “Correlating multi-step attack and constructing attack scenarios based on attack pattern modeling.” International Conference on Information Security and Assurance, 2008. ISA 2008. IEEE, 214–219.Google Scholar

Limmer, T. and Dressler, F. (2010). “Dialog-based payload aggregation for intrusion detection.” Proceedings of the 17th ACM Conference on Computer and Communications Security (CCS ‘10). ACM, 708–710. doi: 10.1145/1866307.1866405.Google Scholar

Lockheed Martin. (2015). “Gaining the advantage, applying Cyber Kill Chain® methodology to network defense 2015.” Technical report. www.lockheedmartin.com/content/dam/lockheed-martin/rms/documents/cyber/Gaining_the_Advantage_Cyber_Kill_Chain.pdf. Last accessed November 2021.Google Scholar

Luengo, J., García, S., and Herrera, F. (2012). “On the choice of the best imputation methods for missing values considering three groups of classification methods.” Knowledge and Information Systems, 32(1), 77–108.Google Scholar

Ma, S. and Hellerstein, J. L. (2001a). “Mining mutually dependent patterns.” Proceedings of the 2001 International Conference on Data Mining (ICDM’01), San Jose, CA, November 2001. IEEE, 409–416.Google Scholar

Ma, S. and Hellerstein, J. L. (2001b). “Mining partially periodic event patterns with unknown periods.” Proceedings of the 2001 International Conference on Data Engineering (ICDE’01), Heidelberg, Germany, April 2001. IEEE, 205–214.Google Scholar

MacQueen, J. (1967, June). “Some methods for classification and analysis of multivariate observations.” Proceedings of the Fifth Berkeley Symposium on Mathematical Statistics and Probability. University of California Press, vol. 1, no. 14, 281–297.Google Scholar

Mandiant. (2013). “APT1: exposing one of China’s cyber espionage units.” www.mandiant.com/resources/apt1-exposing-one-of-chinas-cyber-espionage-units. Last accessed November 2021.Google Scholar

Manyika, J., Chui, M., Brown, B., et al. (2011). Big data: The next frontier for innovation, competition, and productivity. McKinsey Global Institute.Google Scholar

Maron, M. and Kuhns, J. (1960). “On relevance, probabilistic indexing, and information retrieval.” Journal of the Association for Computing Machinery 7, 216–244.Google Scholar

Massicotte, F., Whalen, T., and Bilodeau, C. (2003). “Network mapping tool for real-time security analysis.” RTO IST Symposium on Real Time Intrusion Detection, 12-1–12-10.Google Scholar

McAfee. (2010). “Protecting your critical assets.” www.wired.com/images_blogs/threatlevel/2010/03/operationaurora_wp_0310_fnl.pdf. Last accessed November 2021.Google Scholar

McAfee. (2011). “Global energy cyberattacks: “Night Dragon.” www.heartland.org/publications-resources/publications/global-energy-cyberattacks-night-dragon. Last accessed November 2021.Google Scholar

McAfee. (2018). “The economic impact of cybercrime – no slowing down.” McAfee, Center for Strategic and International Studies (CSIS). www.mcafee.com/enterprise/en-us/solutions/lp/economics-cybercrime.html.Google Scholar

McBride, M., Carter, L., and Warkentin, M. (2012). “Exploring the role of individual employee characteristics and personality on employee compliance with cybersecurity policies.” RTI International Institute for Homeland Security Solutions, 5(1), 1.Google Scholar

McGuire, M. P., Janeja, V.P., and Gangopadhyay, A. (2008, August). “Spatiotemporal neighborhood discovery for sensor data.” International Workshop on Knowledge Discovery from Sensor Data. Springer, 203–225.Google Scholar

McGuire, M. P., Janeja, V. P., and Gangopadhyay, A. (2012). “Mining sensor datasets with spatio-temporal neighborhoods.” Journal of Spatial Information Science (JOSIS), 2013(6), 1–42.Google Scholar

Meng, X., Bradley, J., Yavuz, B., et al. (2016). “Mllib: machine learning in Apache Spark.” Journal of Machine Learning Research, 17(1), 1235–1241.Google Scholar

Mezzour, G. (2015). “Assessing the global cyber and biological threat.” Thesis, Carnegie Mellon University. doi: 10.1184/R1/6714857.v1.Google Scholar

Miller, H. J. (2004). “Tobler’s first law and spatial analysis.” Annals of the Association of American Geographers, 94(2), 284–289.Google Scholar

Miller, W. B. (2014). “Classifying and cataloging cyber-security incidents within cyber-physical systems.” Doctoral dissertation, Brigham Young University.Google Scholar

Misal, V., Janeja, V. P., Pallaprolu, S. C., Yesha, Y., and Chintalapati, R. (2016, December). “Iterative unified clustering in big data.” 2016 IEEE International Conference on Big Data (Big Data). IEEE, 3412–3421.Google Scholar

Mitra, B., Sural, S., Vaidya, J., and Atluri, V. (2016). “A survey of role mining.” ACM Computing Surveys (CSUR), 48(4), 1–37.Google Scholar

MITRE ATT&CK. (2020). ATT&CK Matrix for Enterprise. https://attack.mitre.org/. Last accessed November 2021.Google Scholar

Molina, L. C., Belanche, L., and Nebot, À. (2002). “Feature selection algorithms: a survey and experimental evaluation.” 2002 IEEE International Conference on Data Mining, 2002. ICDM 2003. Proceedings. IEEE, 306–313.Google Scholar

Namayanja, J. M. and Janeja, V. P. (2014, October). “Change detection in temporally evolving computer networks: a big data framework.” 2014 IEEE International Conference on Big Data. IEEE, 54–61.Google Scholar

Namayanja, J. M. and Janeja, V. P. (2015, May). “Change detection in evolving computer networks: changes in densification and diameter over time.” 2015 IEEE International Conference on Intelligence and Security Informatics (ISI). IEEE, 185–187.Google Scholar

Namayanja, J. M. and Janeja, V. P. (2017). “Characterization of evolving networks for cybersecurity.” Information Fusion for Cyber-Security Analytics, Alsmadi, I., Karabatis, G, and Aleroud, A (Eds.). Studies in Computational Intelligence, vol. 691. Springer International Publishing, 111–127. doi: 10.1007/978-3-319-44257-0_5.Google Scholar

Namayanja, J. M. and Janeja, V. P. (2019). “Change detection in large evolving networks.” International Journal of Data Warehousing and Mining, 15(2), 62–79.Google Scholar

Naseer, S., Saleem, Y., Khalid, S., et al. (2018). “Enhanced network anomaly detection based on deep neural networks.” IEEE Access, 6, 48231–48246.Google Scholar

Naus, J. (1965). “The distribution of the size of the maximum cluster of points on the line.” Journal of the American Statistical Association, 60, 532–538.Google Scholar

Neill, D., Moore, A., Pereira, F., and Mitchell, T. (2005). “Detecting significant multidimensional spatial clusters.” Advances in Neural Information Processing Systems 17, MIT Press, 969–976.Google Scholar

Netscout. (2020). “A global threat visualization.” www.netscout.com/global-threat-intelligence. Last accessed November 2020.Google Scholar

Ng, R. T. and Han, J. (1994, September). “Efficient and effective clustering methods for spatial data mining.” Proceedings of the 20th International Conference on Very Large Data Bases (VLDB '94). Morgan Kaufmann , 144–155.Google Scholar

Ng, R. T., Lakshmanan, L. V. S., Han, J., and Pang, A. 1998. “Exploratory mining and pruning optimizations of constrained associations rules.” Proceedings of the 1998 ACM SIGMOD International Conference on Management of Data (SIGMOD '98). ACM,13–24.Google Scholar

Nguyen, T. T. and Janapa Reddi, V. (2019). “Deep reinforcement learning for cyber security.” arXiv:1906.05799.Google Scholar

Nicosia, V., Tang, J., Mascolo, C., et al. (2013). “Graph metrics for temporal networks.” Temporal Networks: Understanding Complex Systems, Holme, P and Saramäki, J (Eds.). Springer, 15–40. doi: 10.1007/978-3-642-36461-7_2.Google Scholar

NIST (National Institute of Standards and Technology). (2015). NIST Big Data Interoperability Framework (NBDIF), V1.0. https://bigdatawg.nist.gov/V1_output_docs.php. Last accessed April 12, 2017.Google Scholar

NIST. (2017). National vulnerability database. http://nvd.nist.gov/. Last accessed September 2017.Google Scholar

Nunes, D. S., Zhang, P., and Silva, J. S. (2015). “A survey on human-in-the-loop applications towards an internet of all.” IEEE Communications Surveys and Tutorials, 17(2), 944–965.Google Scholar

O’Gorman, G. and McDonald, G. (2012). “The Elderwood Project.” www.infopoint-security.de/medien/the-elderwood-project.pdf. Last accessed November 2021.Google Scholar

Ohm, M., Sykosch, A., and Meier, M. (2020, August). “Towards detection of software supply chain attacks by forensic artifacts.” Proceedings of the 15th International Conference on Availability, Reliability and Security (ARES ’20). ACM, 1–6. doi: 10.1145/3407023.3409183.Google Scholar

Openshaw, S. (1987). “A mark 1 geographical analysis machine for the automated analysis of point data sets.” International Journal of GIS, 1(4), 335–358.Google Scholar

OSQuery. (2016). https://osquery.io/. Last accessed March 2020.Google Scholar

Otoum, S., Kantarci, B., and Mouftah, H. (2019, May). “Empowering reinforcement learning on big sensed data for intrusion detection.” 2019–2019 IEEE International Conference on Communications (ICC). IEEE, 1–7.Google Scholar

Paganini, P. (2014). “Turkish government is hijacking the IP for popular DNS providers.” http://securityaffairs.co/wordpress/23565/intelligence/turkish-government-hijacking-dns.html. Last accessed June 2017.Google Scholar

Parekh, J. J., Wang, K., and Stolfo, S. J. (2006). “Privacy-preserving payload-based correlation for accurate malicious traffic detection.” Proceedings of the 2006 SIGCOMM Workshop on Large-Scale Attack Defense (LSAD ‘06). ACM, 99–106. doi: 10.1145/1162666.1162667.Google Scholar

Patcha, A. and Park, J. M. (2007). “An overview of anomaly detection techniques: existing solutions and latest technological trends.” Computer Networks, 51(12), 3448–3470.Google Scholar

Paul, R. J. and Taylor, S. J. E. (2002). “Improving the model development process: what use is model reuse: is there a crook at the end of the rainbow?” Proceedings of the 34th Conference on Winter Simulation: Exploring New Frontiers (WSC ‘02). Winter Simulation Conference, 648–652.Google Scholar

Pei, J. and Han, J. (2000). “Can we push more constraints into frequent pattern mining?” Proceedings of the Sixth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM Press, 350–354.Google Scholar

Peña, J. M., Lozano, J. A., and Larrañaga, P. (2002). “Learning recursive Bayesian multinets for data clustering by means of constructive induction.” Machine Learning, 47(1), 63–89.Google Scholar

Pfeiffer, T., Theuerling, H., and Kauer, M. (2013). “Click me if you can! How do users decide whether to follow a call to action in an online message?” Human Aspects of Information Security, Privacy, and Trust. HAS 2013, Marinos, L and Askoxylakis, I (Eds.). Lecture Notes in Computer Science, vol. 8030. Springer, 155–166. doi: 10.1007/978-3-642-39345-7_17.Google Scholar

Phillips, G., Shenker, S., and Tangmunarunkit, H. (1999). “Scaling of multicast trees: comments on the Chuang–Sirbu scaling law.” Proceedings of the Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication (SIGCOMM ’99). ACM, 41–51. doi: 10.1145/316188.316205.Google Scholar

Picard, R. W. (2003). “Affective computing: challenges.” International Journal of Human-Computer Studies, 59(1), 55–64.Google Scholar

Press, S. J. and Wilson, S. (1978). “Choosing between logistic regression and discriminant analysis.” Journal of the American Statistical Association, 73(364), 699–705.Google Scholar

Qiu, J., Gao, L., Ranjan, S., and Nucci, A. (2007, September). “Detecting bogus BGP route information: Going beyond prefix hijacking.” In 2007 Third International Conference on Security and Privacy in Communications Networks and the Workshops-SecureComm 2007 (pp. 381–390). IEEE.Google Scholar

Quader, F., and Janeja, V. (2014). Computational Models to Capture Human Behavior In Cybersecurity Attacks. Academy of Science and Engineering (ASE).Google Scholar

Quader, F., and Janeja, V. P. (2021). Insights into Organizational Security Readiness: Lessons Learned from Cyber-Attack Case Studies. Journal of Cybersecurity and Privacy, 1(4), 638–659.Google Scholar

Quader, F., Janeja, V., and Stauffer, J. (2015, May). “Persistent threat pattern discovery.” 2015 IEEE International Conference on Intelligence and Security Informatics (ISI). IEEE, 179–181.Google Scholar

Quinlan, J. R. (1979). Discovering Rules by Induction from Large Collections of Examples: Expert Systems in the Micro Electronic Age. Edinburgh University Press.Google Scholar

Quinlan, J. R. (1993). C4.5: Programs for Machine Learning. Morgan Kaufmann.Google Scholar

Ramaswamy, S., Rastogi, R., and Shim, K. (2000, May). “Efficient algorithms for mining outliers from large data sets.” ACM Sigmod Record, 29(2), 427–438).Google Scholar

Rashid, F. Y. (2013, April 4). “DHS: spear phishing campaign targeted 11 energy sector firms.” www.securityweek.com/dhs-spear-phishing-campaign-targeted-11-energy-sector-firms. Last accessed February 23, 2014.Google Scholar

Raveh, A. and Tapiero, C. S. (1980). “Periodicity, constancy, heterogeneity and the categories of qualitative time series.” Ecology, 61(3), 715–719.Google Scholar

Revow, M., Williams, C. K., and Hinton, G. E. (1996). “Using generative models for handwritten digit recognition.” IEEE Transactions on Pattern Analysis and Machine Intelligence, 18(6), 592–606.Google Scholar

Risk Based Security. (2014). “A breakdown and analysis of the December, 2014 Sony hack.” www.riskbasedsecurity.com/2014/12/05/a-breakdown-and-analysis-of-the-december-2014-sony-hack/. Last accessed November 2021.Google Scholar

Rivest, R. L. and Vuillemin, J. (1976). “On recognizing graph properties from adjacency matrices.” Theoretical Computer Science, 3(3), 371–384.Google Scholar

Roddick, J. F. and Hornsby, K., (Eds.). (2001). Temporal, Spatial, and Spatio-Temporal Data Mining, First International Workshop TSDM 2000 Lyon, France, September 12, 2000, Revised Papers. Lecture Notes in Computer Science, vol. 2007. Springer-Verlag.Google Scholar

Roddick, J. F., Hornsby, K., and Spiliopoulou, M. (2001). “An updated bibliography of temporal, spatial, and spatio-temporal data mining research.” Temporal, Spatial, and Spatio-Temporal Data Mining, First International Workshop TSDM 2000 Lyon, France, September 12, 2000, Revised Papers. Springer-Verlag, 147–164.Google Scholar

Roddick, J. F. and Spiliopoulou, M. (1999). “A bibliography of temporal, spatial and spatio-temporal data mining research.” SIGKDD Explorations Newsletter, 1(1), 34–38.Google Scholar

Roman, J The Hadoop Ecosystem Table. https://hadoopecosystemtable.github.io/. Last accessed April 13, 2017.Google Scholar

Rousseeuw, P. J. (1987). “Silhouettes: a graphical aid to the interpretation and validation of cluster analysis.” Computational and Applied Mathematics. 20, 53–65.Google Scholar

Sadhwani, H. (2020). “Introduction to threat hunting.” https://medium.com/@hirensadhwani2619/introduction-to-threat-hunting-8dff62ba52ca. Last accessed November 2021.Google Scholar

Sainani, H. (2018). “IP reputation scoring – a perspective on clustering with meta-features augmentation.” Thesis.Google Scholar

Sainani, H., Namayanja, J. M., Sharma, G., Misal, V., and Janeja, V. P. (2020). “IP reputation scoring with geo-contextual feature augmentation.” ACM Transactions on Management Information Systems (TMIS), 11(4), 26:1–26:29.Google Scholar

Samuel, A. W. (2004). “Hactivism and future of political participation.” www.alexandrasamuel.com/dissertation/pdfs/Samuel-Hacktivism-entire.pdf. Last accessed November 2021.Google Scholar

Sander, J., Ester, M., Kriegel, H. P., and Xu, X. (1998). “Density-based clustering in spatial databases: the algorithm GDBSCAN and its applications.” Data Mining and Knowledge Discovery, 2(2), 169–194.Google Scholar

Sandoval, G. (2008). “YouTube blames Pakistan network for 2-hour outage.” www.cnet.com/news/youtube-blames-pakistan-network-for-2-hour-outage/. Last accessed June 2017.Google Scholar

Schlamp, J., Carle, G., and Biersack, E. W. (2013). “A forensic case study on as hijacking: the attacker’s perspective.” ACM SIGCOMM Computer Communication Review, 43(2), 5–12.Google Scholar

Schlosser, A. E., White, T. B., and Lloyd, S. M. (2006). “Converting web site visitors into buyers: how web site investment increases consumer trusting beliefs and online purchase intentions.” Journal of Marketing, 70(2), 133–148.Google Scholar

SecDev Group. (2009). “Tracking GhostNet: investigating a cyber espionage network.” www.nartv.org/mirror/ghostnet.pdf. Last accessed November 2021.Google Scholar

Shashanka, M., Shen, M., and Wang, J. (2016). “User and entity behavior analytics for enterprise security.” 2016 IEEE International Conference on Big Data (Big Data). IEEEE. 1867–1874. doi: 10.1109/BigData.2016.7840805.Google Scholar

Shearer, C. (2000). “The CRISP-DM model: the new blueprint for data mining.” Journal of Data Warehousing, 5, 13–22.Google Scholar

Shekhar, S., Lu, C., and Zhang, P. (2001). “Detecting graph-based spatial outliers: algorithms and applications.” Proceedings of the 7th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, 371–376.Google Scholar

Sheng, S., Holbrook, M., Kumaraguru, P., Cranor, L. F., and Downs, J. (2010). “Who falls for phish? A demographic analysis of phishing susceptibility and effectiveness of interventions.” Proceedings of the SIGCHI Conference on Human Factors in Computing Systems. ACM, 373–382.Google Scholar

Shi, L. and Janeja, V. P. (2009, June). “Anomalous window discovery through scan statistics for linear intersecting paths (SSLIP).” Proceedings of the 15th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM, 767–776.Google Scholar

Shropshire, J., Warkentin, M., Johnston, A., and Schmidt, M. (2006). “Personality and IT security: an application of the five-factor model.” AMCIS 2006 Proceedings. Association for Information Systems AIS Electronic Library (AISeL), 415.Google Scholar

Simmon, E., Sowe, S. K., and Zettsu, K. (2015). “Designing a cyber-physical cloud computing architecture.” IT Professional, (3), 40–45.Google Scholar

Simmons, C., Ellis, C., Shiva, S., Dasgupta, D., and Wu, Q. (2009). AVOIDIT: A cyber attack taxonomy. 9th Annual Symposium on Information Assurance, 2–12. https://nsarchive.gwu.edu/sites/default/files/documents/4530310/Chris-Simmons-Charles-Ellis-Sajjan-Shiva.pdf. Last accessed November 2021.Google Scholar

Skariachan, D and Finkle, J (2014). “Target shares recover after reassurance on data breach impact.” www.reuters.com/article/us-target-results/target-shares-recover-after-reassurance-on-data-breach-impact-idUSBREA1P0WC20140226. Last accessed March 2020.Google Scholar

Sklower, K. (1991, Winter). A Tree-Based Packet Routing Table for Berkeley UNIX. USENIX.Google Scholar

SMR Foundation. (2021). NodeXL. www.smrfoundation.org/nodexl/. Last accessed November 2021.Google Scholar

Snare. (2020). Snare. www.snaresolutions.com/central-83/. Last accessed March 2020.Google Scholar

Snort. (2020). Snort Rules Infographic. https://snort-org-site.s3.amazonaws.com/production/document_files/files/000/000/116/original/Snort_rule_infographic.pdf?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIXACIED2SPMSC7GA%2F20210316%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210316T191343Z&X-Amz-Expires=172800&X-Amz-SignedHeaders=host&X-Amz-Signature=bcfc7d75d223ab40badd8bd9e89ded29cc98ed3896f0140f55320ee9bcdf1383. Last accessed March 2020.Google Scholar

Spitzner, L. (2003). Honeypots: Tracking Hackers, vol. 1. Addison-Wesley.Google Scholar

Srikant, R. and Agrawal, R. (1996). “Mining quantitative association rules in large relational tables.” Proceedings of the 1996 ACM SIGMOD international Conference on Management of Data. ACM Press, 1–12.Google Scholar

Statista. (2020). eCommerce report 2020 Statista Digital Market Outlook. www.statista.com/study/42335/ecommerce-report/. Last accessed November 2021.Google Scholar

Statista. (2021, March). Digital population worldwide. www.statista.com/statistics/617136/digital-population-worldwide/. Last accessed November 2021.Google Scholar

Statista. “IoT market – forecasts.” www.statista.com/statistics/1101442/iot-number-of-connected-devices-worldwide/. Last accessed November 2021.Google Scholar

Stauffer, J. and Janeja, V. (2017). “A survey of advanced persistent threats and the characteristics. Technical report.Google Scholar

Stephens, G. D. and Maloof, M. A. (2014, April 22) “Insider threat detection.” U.S. Patent No. 8,707,431.Google Scholar

Stouffer, K., Falco, J., and Scarfone, K. (2009). “Guide to industrial control systems (ICS) security.” Technical report, National Institute of Standards and Technology.Google Scholar

Stubbs, J., Satter, R., and Menn, J. (2020). “U.S. Homeland Security, thousands of businesses scramble after suspected Russian hack.” www.reuters.com/article/global-cyber/global-security-teams-assess-impact-of-suspected-russian-cyber-attack-idUKKBN28O1KN. Last accessed November 2021.Google Scholar

Stutz, J. and Cheeseman, P. (1996). “AutoClass – a Bayesian approach to classification.” Maximum Entropy and Bayesian Methods. Springer, 117–126.Google Scholar

Sugiura, O. and Ogden, R. T. (1994). “Testing change-points with linear trend.” Communications in Statistics – Simulation and Computation, 23(2), 287–322. doi: 10.1080/03610919408813172.Google Scholar

Sugiyama, M. and Borgwardt, K. (2013). “Rapid distance-based outlier detection via sampling.” Proceedings of the 26th International Conference on Neural Information Processing Systems – Volume 1 (NIPS'13). Curran Associates, 467–475.Google Scholar

Tan, Y., Vuran, M. C., and Goddard, S. (2009, June). “Spatio-temporal event model for cyber-physical systems.” 29th IEEE International Conference on Distributed Computing Systems Workshops, 2009. ICDCS Workshops’ 09. IEEE, 44–50.Google Scholar

Tang, X., Eftelioglu, E., Oliver, D., and Shekhar, S. (2017). “Significant linear hotspot discovery.” IEEE Transactions on Big Data, 3(2), 140–153.Google Scholar

Tango, T. and Takahashi, K. (2005). “A flexibly shaped spatial scan statistic for detecting clusters.” International Journal of Health Geographics, 4(11). doi: 10.1186/1476-072X-4-11.Google Scholar

Tao, F., Murtagh, F., and Farid, M. (2003). “Weighted association rule mining using weighted support and significance framework.” Proceedings of the Ninth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD’03. ACM Press, 661–666.Google Scholar

Tartakovsky, A. G., Polunchenko, A. S., and Sokolov, G. (2013). “Efficient computer network anomaly detection by changepoint detection methods.” IEEE Journal of Selected Topics in Signal Processing, 7(1), 4–11.Google Scholar

Ten, C. W., Hong, J., and Liu, C. C. (2011). “Anomaly detection for cybersecurity of the substations.” IEEE Transactions on Smart Grid, 2(4), 865–873.Google Scholar

Thakur, V. (2011, December 8). “The Sykipot Attacks.” www.symantec.com/connect/blogs/sykipot-attacks. Last accessed November 2021.Google Scholar

Tim, O., Firoiu, L., and Cohen, P. (1999). “Clustering time series with hidden markov models and dynamic time warping.” Presented at IJCAI-99 Workshop on Sequence Learning.Google Scholar

Tobler, W. R. (1970). “A computer model simulation of urban growth in the Detroit region.” Economic Geography, 46(2), 234–240.Google Scholar

Townsend, M., Rupp, L., and Green, J. (2014). “Target CEO ouster shows new board focus on cyber attacks.” www.bloomberg.com/news/2014-05-05/target-ceo-ouster-shows-new-board-focus-on-cyber-attacks.html. Last accessed November 2021.Google Scholar

Trend Micro Incorporated. (2012a). ”Detecting APT activity with network traffic analysis.” www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-detecting-apt-activity-with-network-traffic-analysis.pdf. Last accessed November 2021.Google Scholar

Trend Micro Incorporated. (2012b), “Spear-phishing email: most favored APT attack bait.”Google Scholar

Trinius, P., Holz, T., Göbel, J., and Freiling, F. C. (2009, October). “Visual analysis of malware behavior using treemaps and thread graphs.” 6th International Workshop on Visualization for Cyber Security, 2009. VizSec 2009. IEEE, 33–38.Google Scholar

Tsuchiya, P. F. (1988). “The landmark hierarchy: a new hierarchy for routing in very large networks.” Symposium Proceedings on Communications Architectures and Protocols (SIGCOMM '88). ACM, 35–42.Google Scholar

Vaarandi, R. and Podiņš, K. (2010). “Network IDs alert classification with frequent itemset mining and data clustering.” 2010 International Conference on Network and Service Management. IEEE, 451–456.Google Scholar

Vaidya, J., Atluri, V., and Guo, Qi. (2007). “The role mining problem: finding a minimal descriptive set of roles.” Proceedings of the 12th ACM Symposium on Access Control Models and Technologies. ACM, 175–184.Google Scholar

Van Mieghem, V. (2016). “Detecting malicious behaviour using system calls.” Master’s thesis, Delft University.Google Scholar

Venkatasubramanian, K., Nabar, S., Gupta, S. K. S., and Poovendran, R. (2011). “Cyber physical security solutions for pervasive health monitoring systems.” E-Healthcare Systems and Wireless Communications: Current and Future Challenges, Watfa, M (Ed.). IGI Global, 143–162.Google Scholar

Verizon Wireless. (2017). “Data breach digest.” https://enterprise.verizon.com/resources/articles/2017-data-breach-digest-half-year-anniversary/. Last accessed November 2021.Google Scholar

Verma, J. P. and Patel, A. (2016, March–September). “Comparison of MapReduce and Spark programming frameworks for big data analytics on HDFS.” International Journal of Computer Science and Communication, 7(2), 80–84. Google Scholar

Versprille, A. (2015). “Researchers hack into driverless car system, take control of vehicle.” www.nationaldefensemagazine.org/articles/2015/5/1/2015may-researchers-hack-into-driverless-car-system-take-control-of-vehicle. Last accessed November 20201.Google Scholar

Villeneuve, N. and Sancho, D. (2011). “The ‘lurid’ downloader.” www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp_dissecting-lurid-apt.pdf. Last accessed November 2021.Google Scholar

Vishwanath, A., Herath, T., Chen, R., Wang, J., and Rao, H. R. (2011). “Why do people get phished? Testing individual differences in phishing vulnerability within an integrated, information processing model.” Decision Support Systems, 51(3), 576–586.Google Scholar

Wall, M. E., Rechtsteiner, A., and Rocha, L. M. (2003). “Singular value decomposition and principal component analysis.” A Practical Approach to Microarray Data Analysis, Berrar, D. P, Dubitzky, W, and Granzow, M (Eds.). Springer, 91–109. doi: 10.1007/0-306-47815-3_5.Google Scholar

Wang, H., Wu, B., Yang, S., Wang, B., and Liu, Y. (2014). “Research of decision tree on YARN using MapReduce and Spark.” World Congress in Computer Science, Computer Engineering, and Applied Computing. American Council on Science and Education, 21–24.Google Scholar

Wang, K., He, Y., and Han, J. (2003). “Pushing support constraints into association rules mining.” IEEE Transactions Knowledge Data Engineering, 15(3), 642–658.Google Scholar

Wang, K. and Stolfo, S. J. 2004. “Anomalous payload-based network intrusion detection.” Recent Advances in Intrusion Detection. RAID 2004, Jonsson, E, Valdes, A, and Almgren, M (Eds.). Lecture Notes in Computer Science, vol. 3224. Springer, 89–96.Google Scholar

Wang, K., Yu, H., and Cheung, D. W. 2001. “Mining confident rules without support requirement.” Proceedings of the Tenth International Conference on Information and Knowledge Management. ACM Press, 89–96.Google Scholar

Wang, L., Singhal, A., and Jajodia, S. (2007a, July). “Measuring the overall security of network configurations using attack graphs.” IFIP Annual Conference on Data and Applications Security and Privacy. Springer, 98–112.Google Scholar

Wang, L., Singhal, A., and Jajodia, S. (2007b, October). “Toward measuring network security using attack graphs.” Proceedings of the 2007 ACM Workshop on Quality of Protection. ACM, 49–54.Google Scholar

Wang, P. A. (2011). “Online phishing in the eyes of online shoppers.” IAENG International Journal of Computer Science, 38(4), 378–383.Google Scholar

Wang, Q. H. and Kim, S. H. (2009). Cyber Attacks: Cross-Country Interdependence and Enforcement. WEIS.Google Scholar

Wang, W., Yang, J., and Muntz, R. (1997, August). “STING: A statistical information grid approach to spatial data mining.” VLDB, 97, 186–195.Google Scholar

Ward, J. S. and Barker, A. (2013). “Undefined by data: a survey of big data definitions.” arXiv:1309.5821.Google Scholar

Washington Post. (2013). “Target data flood stolen-card market.” www.washingtonpost.com/business/economy/target-cyberattack-by-overseas-hackers-may-have-compromised-up-to-40-million-cards/2013/12/20/2c2943cc-69b5-11e3-a0b9-249bbb34602c_story.html?utm_term=.42a8cd8b6c0e. Last accessed November 2016.Google Scholar

Websense. (2011). “Advanced persistent threat and advanced attacks: threat analysis and defense strategies for SMB, mid-size, and enterprise organizations Rev 2.” Technical report.Google Scholar

Wei, L., Keogh, E., and Xi, X. (2006). “SAXually explicit images: finding unusual shapes.” ICDM’06: Proceedings of the Sixth International Conference on Data Mining. IEEE Computer Society, 711–720.Google Scholar

Weimerskirch, A. (2018). Derrick Dominic Assessing Risk: Identifying and Analyzing Cybersecurity Threats to Automated Vehicles. University of Michigan,Google Scholar

Wilson, R. J. (1986). Introduction to Graph Theory. John Wiley & Sons.Google Scholar

Wireshark. (2021). www.wireshark.org. Last accessed November 2021.Google Scholar

Wright, R., Chakraborty, S., Basoglu, A., and Marett, K. (2010). “Where did they go right? Understanding the deception in phishing communications.” Group Decision and Negotiation, 19(4), 391–416.Google Scholar

Wright, R. T. and Marett, K. (2010). The influence of experiential and dispositional factors in phishing: an empirical investigation of the deceived. Journal of Management Information Systems, 27(1), 27.Google Scholar

Wu, M., Miller, R. C., and Garfinkel, S. L. (2006). “Do security toolbars actually prevent phishing attacks?” Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (CHI ‘06). ACM, 601–610.Google Scholar

Wu, X., Kumar, V., Quinlan, J. R., et al. (2008). “Top 10 algorithms in data mining.” Knowledge and Information Systems, 14(1), 1–37.Google Scholar

Wübbeling, M., Elsner, T., and Meier, M. (2014, June). “Inter-AS routing anomalies: improved detection and classification.” 6th International Conference on Cyber Conflict (CyCon 2014), 2014. IEEE, 223–238.Google Scholar

Wybourne, M. N., Austin, M. F., and Palmer, C. C. (2009). National Cyber Security. Research and Development Challenges. Related to Economics, Physical Infrastructure and Human Behavior. I3P: Institute for Information Infrastructure Protection.Google Scholar

Xu, X., Ester, M., Kriegel, H. P., and Sander, J. (1998, February). “A distribution-based clustering algorithm for mining in large spatial databases.” Proceedings, 14th International Conference on Data Engineering, 1998. IEEE, 324–331.Google Scholar

Xu, X., Jäger, J., and Kriegel, H. P. (1999). “A fast parallel clustering algorithm for large spatial databases.” High Performance Data Mining., Guo, Y and Grossman, R (Eds.). Springer US, 263–290.Google Scholar

Yamanishi, K. and Takeuchi, J. (2002). “A unifying framework for detecting outliers and change points from non-stationary time series data.” KDD’02: Proceedings of the Eighth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. ACM, 676–681.Google Scholar

Yang, S.-C., and Wang, Y.-L. (2011, May). “System dynamics based insider threat modeling.” International Journal of Network Security and Its Applications 3(3), doi: 10.1109/ICDM.2007.61.Google Scholar

Yang, X., Kong, L., Liu, Z., et al. (2018). “Machine learning and deep learning methods for cybersecurity.” IEEE Access, 6, 35365–35381.Google Scholar

Yankov, D., Keogh, E., and Rebbapragada, U. (2007). “Disk aware discord discovery: finding unusual time series in terabyte sized datasets.” Seventh IEEE International Conference on Data Mining (ICDM 2007), 381–390. doi: 10.1109/ICDM.2007.61.Google Scholar

Yıldırım, M. and Mackie, I. (2019). “Encouraging users to improve password security and memorability.” International Journal of Information Security, 18(6), 741–759.Google Scholar

Yinka-Banjo, C. and Ugot, O.-A. (2019). “A review of generative adversarial networks and its application in cybersecurity.” Artificial Intelligence Review, 53, 1721–1736. doi: 10.1007/s10462-019-09717-4.Google Scholar

Yun, H., Ha, D., Hwang, B., and Ryu, K. H. (2003, September 15). “Mining association rules on significant rare data using relative support.” Journal of Systems and Software, 67(3) 181–191.Google Scholar

Yanan, S., Janeja, V. P., McGuire, M. P, .and Gangopadhyay, A. (2012). “Tnet: tensor-based neighborhood discovery in traffic networks.” 2012 IEEE 28th International Conference on Data Engineering Workshops, 331–336. doi: 10.1109/ICDEW.2012.72.Google Scholar

Zetter, K. (2011, April 20). “Top federal lab hacked in spear-phishing attack.” www.wired.com/threatlevel/2011/04/oak-ridge-lab-hack/. Last accessed February 23, 2014.Google Scholar

Zhang, K., Hutter, M., and Jin, H. (2009). “A new local distance-based outlier detection approach for scattered real-world data.” Advances in Knowledge Discovery and Data Mining. PAKDD 2009, Theeramunkong, T, Kijsirikul, B, Cercone, N, and Ho, T. B (Eds.). Lecture Notes in Computer Science, vol. 5476. Springer, 813–822. doi: 10.1007/978-3-642-01307-2_84.Google Scholar

Zhang, P., Huang,, Y., Shekhar, S., and Kumar, V. (2003). “Correlation analysis of spatial time series datasets: a filter-and-refine approach.” Advances in Knowledge Discovery and Data Mining. PAKDD 2003, Whang, K. Y., Jeon, J, Shim, K, and Srivastava, J (Eds.). Lecture Notes in Computer Science, Vol. 2637 Springer. doi: 10.1007/3-540-36175-8_53.Google Scholar

Zhang, T., Ramakrishnan, R., and Livny, M. (1996, June). “BIRCH: an efficient data clustering method for very large databases.” ACM Sigmod Record, 25(2), 103–114.Google Scholar

Zhao, Q., and Bhowmick, S. S. (2003). “Sequential pattern mining: a survey.” Technical report, CAIS Nayang Technological University Singapore, 1–26.Google Scholar

Zhou, B., Cheung, D. W., and Kao, B. (1999, April). “A fast algorithm for density-based clustering in large database.” Methodologies for Knowledge Discovery and Data Mining. PAKDD 1999, Zhong, N and Zhou, L (Eds.). Lecture Notes in Computer Science, Vol. 1574. Springer Berlin Heidelberg. doi: 10.1007/3-540-48912-6_45.Google Scholar

Zimmermann, A., Lorenz, A., and Oppermann, R. (2007, August). “An operational definition of context.” Modeling and Using Context. CONTEXT 2007, Kokinov, B, Richardson, D. C, Roth-Berghofer, T. R, and Vieu, L (Eds.). Lecture Notes in Computer Science, Vol. 4635. Springer Berlin Heidelberg. doi: 10.1007/978-3-540-74255-5_42.Google Scholar

Zimmermann, V. and Renaud, K. (2021). “The nudge puzzle: matching nudge interventions to cybersecurity decisions.” ACM Transactions on Computer–Human Interaction (TOCHI), 28(1), 1–45.Google Scholar